Four vulnerabilities discovered in IE6, IE7 and Firefox

By Justin Mann on June 5, 2007, 12:33 PM
Four new vulnerabilities in Internet Explorer and Firefox have been discovered by Michal Zalewski, an independent security researcher. The four flaws currently have no patches available from either Microsoft or Mozilla. Of the two IE flaws, the most severe has the potential to let JavaScript execute with permissions of a previously visited page, which could easily lead to abuse. It affects both IE6 and IE7. The second IE exploit affects IE6 only, and allows URLs to be spoofed in the address bar.

The first of the two Firefox vulnerabilities could lead to code execution, the other could potentially avoid the file prompt delay you see when attempting to download a file. Most of these have online tests you can run to see if your particular browser version is vulnerable. In most cases, you'd need to be running Windows to be vulnerable.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.